Method for constructing a decentralised data communication structure in a system with a plurality of components
Description of the invention
The present invention relates to a method for building a decentralised data communication structure within a system having a plurality of components, and to a system having a plurality of components, the system being configured for performing the method.
In order to protect critical infrastructure, in particular systems for energy production and feeding to public power grids, from network attacks, high safety requirements must be met. It is therefore desirable to reduce the connection of such systems to the data network to the functionally necessary extent or to discard such connections entirely. However, the components of such a system must be able to communicate in a tamper-and eavesdropping-resistant manner, even though a network attack may only be implemented by directly accessing one of the components or the communication connection between the components, and such an attack may only be performed in the field. To this end, methods have been developed that are based on the presence of signed certificates on system components. However, installing a system that provides the preconditions for performing this method is complicated by the need to distribute these certificates to each component in a secure manner, preferably already at the time of production of the component, or else by a direct data connection with each component of the installed system. In particular, using components from multiple manufacturers in one system can thus become difficult due to the lack of existing standards.
Document US 2021/0184864 A1 discloses a method for building a certificate infrastructure in a system with a mixed signature protocol. In this case, different digital certificates are generated for different protocols. Furthermore, document WO 2013/123548 A2 shows a method for providing keys for secure communication between two users in a decentralized network, or an application for sharing information between users via a common data store.
Other methods are based on the component signing its certificate itself. These methods can be easily implemented but have the major disadvantage that the identity of the device cannot be securely checked by other communication partners. Although the communication between the two devices can be encrypted in this way, the communication participants cannot be mutually authenticated correctly. Thus, an unauthorized third party ("man-in-the-middle") may interrupt and eavesdrop on the communication between the two devices.
It is therefore an object of the present invention to provide a method for constructing a decentralized data communication structure in a system having a plurality of components, which can be implemented safely and at low cost and which allows an efficient and validated standard communication protocol to be used in the decentralized data communication structure.
This object is achieved by a method having the features of independent claim 1. Preferred embodiments of the method and a system configured for performing the method are the subject matter of the dependent claims.
In a system having a plurality of components, wherein each component of the system has a private key, an associated public key, a secret value (GEHEIMNIS) for protection against read-out, and unsigned credential information containing the public key in an initial state, a method for building a de-centralized data communication structure within the system according to the present invention includes setting up a registration component of the plurality of components, building a tamper-resistant channel between the registration component and a first component of the other components, authenticating (authentisieren) the first component at the registration component, and authenticating the first component via the tamper-resistant channel by means of a list of entries. The identity authentication includes signing, by the registration component, unsigned credential information of the first component via the tamper-resistant channel. The setting includes storing a list of authentication entries.
Within the scope of the present invention, the term "authentication entry" refers to an entry generated by a respective device-specific secret value of a plurality of components, which allows checking the knowledge of the device-specific secret value without transmitting the secret value. The verification entry may contain or consist of the secret value itself, but advantageously the verification entry contains only the data set calculated by means of the secret value, from which the secret value itself cannot be deduced in reverse. For example, the validation entry may contain a "salted" hash of the secret value. The validation entry may also contain a Nonce or a plurality of nonces (randomly generated data sets) and for each Nonce an associated hash value as the expected response, the hash value being determined from a combination of the Nonce and the secret value. In the case of multiple nonces, to increase network security, it may be provided that each Nonce is used only once, or is reusable only after the use of other nonces.
In an advantageous embodiment, the signature may comprise a public key of the registration component transmitted via the tamper-resistant channel. If the public key is transmitted only during the signing process, the security of the data communication structure against network attacks can be improved, since the public key is transmitted only to the authenticated component during this process.
For example, the setting up of registered components of the plurality of components may be done by an installer as an authorized party via an encrypted and tamper-proof data connection. In this case, the authentication entry may be generated by the installer entering the serial number of the component to be included in the decentralized data communication structure into the terminal device, and the terminal device thereby identifying the authentication entry to be transmitted to the registered component and transmitting the authentication entry. The identification may be done via a database stored locally on the terminal device or by retrieving a verification entry corresponding to the serial number from a database stored remotely. At this point, other components of the system need not be in operation or reachable via a data connection.
A tamper-resistant channel may be constructed between the registered component and the first component of the system by means of a pre-shared key. For this purpose, it is conceivable that the authorized party is connected to the first component via an encrypted and tamper-proof data connection and in this way transmits a pre-shared key, for example the public key of the registration component. It is also conceivable that the pre-shared key is already stored in the production process in a particularly read-out-proof secure storage area together with the device-specific secret value. In addition to preventing the transmitted data from being tampered with, the channel may also be encrypted and/or protected from unauthorized new transmissions (so-called replay attacks).
In response to the identity authentication, the identity authentication of the component may proceed via a tamper-resistant channel by the first component passing unsigned credential information to the registration component. In addition, the authentication includes verifying whether a secret value corresponding to a verification entry contained in the list by the component is stored on the first component. During this verification, the secret value should remain on the first component and must not be transmitted. This may be achieved, for example, by the registration component transmitting the data set in the form of nonces stored in the authentication entry to the first component, which computes a hash value of the combination of the first data set and the stored secret value and transmits it back to the registration component as the second data set. The return of the signature and signed certificate information is only performed if the second data set is consistent with the expected response of the verification entry associated with the first data set. Signing may be accomplished by encrypting the unsigned credential information, a portion thereof, or a data set (e.g., hash value) computed therefrom using the private key of the registration component. Each component may then verify the trustworthiness of the signed certificate information by means of the public key of the registering component. The registration component may also add more information to the credential information at the time of signing. In particular, a validity period or other validity criteria that must be met may be supplemented in order to classify the signed certificate as authentic.
In addition to the public key of the associated component, the unsigned credential information may also contain other components, such as information for establishing a data connection with the associated component, e.g., a domain name or IP address.
An identity authentication may be performed on each component of the system to obtain credential information signed by the registering component, and after performing the identity authentication, the component may prove its trustworthiness to other components of the system by means of the signed credential information. The session key may then be negotiated with other components providing credential information signed by the registering component by means of known protocols to build a secure communication channel. In particular, the communication channel may be protected by symmetric encryption via the session key. The protocol used may be the TLS protocol. Thus, a high data transmission rate can be achieved at low cost.
The attestation of the trustworthiness of the signed certificate information may be achieved in a known manner via the public key of the registration component. The public key may be queried from the registration component at any time and may also be transmitted over an unsecured communication channel without compromising the integrity of the communication structure.
Another aspect of the invention is a system with a plurality of components having the above-mentioned features, which system is arranged to perform the method according to the invention. Advantageously, one of the plurality of components has an interface for system user login, wherein the interface is configured for setting the one component as a registration component and for storing a list of authentication entries for other components of the system. Preferably, the interface may be an interface for wired communication, such as a LAN interface, to which a terminal device of a system user may be connected. In an advantageous embodiment, the system has a generator, a consumer, a converter or an electrical energy store. The system is preferably configured for exchanging electrical energy with an energy transmission network.
Preferably, the system has no data connection, e.g. no internet connection, with an entity external to the system. This makes it impossible to access the data of the system from outside, in particular, to conduct a network attack. Alternatively, only one of the components is equipped with such a data connection. The component may be particularly secure against network attacks and may be accessible only from selected entities or via particularly secure connections, for example.
The invention is described below with the aid of the accompanying drawings, in which:
figure 1 shows a data structure of components of a system according to the invention,
Figure 2 shows a flow chart of the method according to the invention,
FIG. 3 shows sub-steps of the flow chart of FIG. 2, and
Fig. 4 shows a system according to the invention after performing the method according to the invention.
Fig. 1 shows a data structure of a component K of a system configured for building a de-centralized data communication structure. Component K has an interface IN for data communication with other components. Furthermore, the component K comprises a processor PR and a memory MEM for providing the basic functions of the component. In addition to the key pair formed by the private key PrK (for encryption and decryption of data) and the associated public key PuK, the component K has a secret value SCR in a secure storage area that is protected from external reading. The private key PrK may also be stored in a secure storage area that is protected from external reading. For example, the key pair may be generated and stored at the time of production of the component, or the component may generate the key pair with the aid of data randomly generated at startup or based on commands received via the interface. The secret value is preferably generated during production of the component and a copy of the secret value is stored in a database of the manufacturer of the component. Alternatively, the secret value may be determined from the serial number of the component, or may be attached to the component in a readable manner or contained in a document provided with the component.
Additionally, component K includes an initially unsigned certificate CU that contains a copy of the public key PuK of component K, which will be represented by the key symbol in the certificate CU. The certificate CU may contain other information, for example the address of the component K may be accessed via the interface IN. The system is formed by a plurality of components K having such a structure, between which a secure, decentralized data communication structure should be established that is resistant to external access or tampering. The system may be a power generating device connected to a power supply network.
In the method for building a decentralized data communication structure within a system having a plurality of components shown in fig. 2, a first step S1 comprises setting up a registered component of the plurality of components. In principle, each component of the system may be selected as a registration component. The installer can make the settings during system debugging. The setting includes storing in the memory of the registration component a list of verification entries specifying which identities of other components of the system the registration component accepts. The list of verification entries may be generated from a list of device-specific secret values that may be provided with the device in printed form or in a manner imprinted on the model name plate. To generate the validation entry, the database of the manufacturer may need to be queried for a secret value associated with the corresponding device. The selection of the component as a registered component may be stored in a memory of the registered component.
Then, in a second step S2, another component may build a tamper-resistant secure channel with the registered component. This structure can be realized by known methods, such as the Diffie-Hellman method. For this reason, there is no need to prove the credibility between the communication partners.
In a third step, another component is authenticated at the registration component. This will be broken down in more detail in fig. 3. To this end, in a first substep S3.1, the further component transmits its initially unsigned certificate to the registration component. The registering component verifies the rights of the other component by means of the verification entry. For example, in the second substep S3.2, the verification may comprise sending an entry in the verification entry of the registering component to another component, which calculates a response from the entry and the secret value stored in the other component, and in the third substep S3.3 sending the response back to the registering component. In the fourth sub-step S3.4, if the response matches an entry associated with the expected response in the list of verification entries, the registration component authenticates the other component in the fifth sub-step S3.5, otherwise in the sixth sub-step S3.6, the registration component refuses to authenticate. Identity authentication involves signing unsigned certificate information of another component by means of the private key of the registering component and sending the signed certificate back via a secure channel. Preferably, upon return, the public key of the registration component is also transmitted together, which allows the authenticity of the certificate to be subsequently verified. Alternatively, the public key may also be transmitted at other points in time, in particular after the mutual authentication of the two communication partners. Thus, it can be ensured that the public key of the registration component is indeed from the registration component.
Each of the other components may then also perform identity authentication at the registration component in this manner in turn, thereby obtaining a certificate signed by the registration component. Thus, in a fourth step S4, if it is determined that all components of the system have successfully passed the identity authentication, the method may be terminated. Thereby it is ensured that each component of the system then holds the certificate signed by the registering component and the public key of the registering component and that this information can be used to negotiate session keys with each other component of the system via a known protocol, e.g. TLS (transport layer security) protocol, so that a secure and reliable data connection can be established. Likewise, the external component cannot make such a connection with or interfere imperceptibly with the components of the system because the external component cannot authenticate through the registration component because the external component does not have a secret value that matches the list of verification entries. Thus, the de-centralized data communication structure constructed using the method according to the present invention is a closed structure.
If necessary, the method can be re-executed at any time to eliminate suspected divulgence. To this end, only the registration component generates a new key pair, i.e. a new private key and a public key, and replaces the old public key in the system with the newly generated public key. Other components may then recognize that their credentials need to be re-authenticated and initiate the process with the registration component.
Likewise, by expanding the list of verification entries with the verification entries of the new component, other components can be added to the system with ease afterwards. Thus, other components can also successfully authenticate at the registration component in this manner.
Fig. 4 shows the system after performing the method according to the invention. The registration component rK and the plurality of other components aK are each arranged for communication with each other via a BUS and are also connected with the BUS via an interface IN. The connection here may be a wired connection or a wireless connection, such as a radio connection. After performing the method according to the invention, each component has a certificate CS signed by the registration component rK. This is represented by the sign of the public key of the registration component rK in the signed certificate CS. At this point, the registration component rK has the certificate CS that is self-signed. Other components of the system, such as the processor PR, the memory MEM, the own key pair PrK, puK and the secret value SCR, correspond to the homonymous components of fig. 1.
By providing the certificate of the first component to another second component of the system as a desired communication partner, the second component can obtain the public key of the first component and verify its trustworthiness by known methods and send back the signed certificate of itself as a response to establish the connection. The trustworthiness of the first component may be verified in the same way. After successful mutual authentication of the trustworthiness, the temporary key for the secure communication can be easily negotiated by means of the public key. The communication method may be, for example, a TLS method or an SSL (secure sockets layer) method, which enables a high data rate and a low computational workload of the processors PR of the participating communication partners while having a high network security.
List of reference marks